blob: 2be5dcce44def48ec9bdfc8aa093fbf819882ccf [file] [log] [blame]
Paul Bakkere07c4312013-07-03 14:00:49 +02001#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
2#include "polarssl/memory.h"
3#endif
4
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +02005#if defined(POLARSSL_PLATFORM_C)
6#include "polarssl/platform.h"
7#else
8#define polarssl_malloc malloc
9#define polarssl_free free
10#endif
11
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000012#ifdef _MSC_VER
13#include <basetsd.h>
14typedef UINT32 uint32_t;
15#else
16#include <inttypes.h>
17#endif
18
Paul Bakker19343182013-08-16 13:31:10 +020019#include <assert.h>
20#include <stdlib.h>
21#include <string.h>
22
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000023/*
24 * 32-bit integer manipulation macros (big endian)
25 */
Paul Bakker5c2364c2012-10-01 14:41:15 +000026#ifndef GET_UINT32_BE
27#define GET_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000028{ \
Paul Bakker5c2364c2012-10-01 14:41:15 +000029 (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
30 | ( (uint32_t) (b)[(i) + 1] << 16 ) \
31 | ( (uint32_t) (b)[(i) + 2] << 8 ) \
32 | ( (uint32_t) (b)[(i) + 3] ); \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000033}
34#endif
35
Paul Bakker5c2364c2012-10-01 14:41:15 +000036#ifndef PUT_UINT32_BE
37#define PUT_UINT32_BE(n,b,i) \
Paul Bakkerb3dcbc12011-03-13 16:57:25 +000038{ \
39 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
40 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
41 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
42 (b)[(i) + 3] = (unsigned char) ( (n) ); \
43}
44#endif
45
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020046static int unhexify(unsigned char *obuf, const char *ibuf)
Paul Bakker367dae42009-06-28 21:50:27 +000047{
48 unsigned char c, c2;
49 int len = strlen(ibuf) / 2;
50 assert(!(strlen(ibuf) %1)); // must be even number of bytes
51
52 while (*ibuf != 0)
53 {
54 c = *ibuf++;
55 if( c >= '0' && c <= '9' )
56 c -= '0';
57 else if( c >= 'a' && c <= 'f' )
58 c -= 'a' - 10;
59 else if( c >= 'A' && c <= 'F' )
60 c -= 'A' - 10;
61 else
62 assert( 0 );
63
64 c2 = *ibuf++;
65 if( c2 >= '0' && c2 <= '9' )
66 c2 -= '0';
67 else if( c2 >= 'a' && c2 <= 'f' )
68 c2 -= 'a' - 10;
69 else if( c2 >= 'A' && c2 <= 'F' )
70 c2 -= 'A' - 10;
71 else
72 assert( 0 );
73
74 *obuf++ = ( c << 4 ) | c2;
75 }
76
77 return len;
78}
79
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +020080static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
Paul Bakker367dae42009-06-28 21:50:27 +000081{
82 unsigned char l, h;
83
84 while (len != 0)
85 {
86 h = (*ibuf) / 16;
87 l = (*ibuf) % 16;
88
89 if( h < 10 )
90 *obuf++ = '0' + h;
91 else
92 *obuf++ = 'a' + h - 10;
93
94 if( l < 10 )
95 *obuf++ = '0' + l;
96 else
97 *obuf++ = 'a' + l - 10;
98
99 ++ibuf;
100 len--;
101 }
102}
Paul Bakker9dcc3222011-03-08 14:16:06 +0000103
104/**
Manuel Pégourié-Gonnard3d49b9d2014-06-06 14:48:09 +0200105 * Allocate and fill a buffer from hex data.
106 *
107 * The buffer is sized exactly as needed. This allows to detect buffer
108 * overruns (including overreads) when running the test suite under valgrind.
109 *
110 * For convenience, dies if allocation fails.
111 */
112static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
113{
114 unsigned char *obuf;
115
116 *olen = strlen(ibuf) / 2;
117
118 assert( ( obuf = polarssl_malloc( *olen ) ) != NULL );
119
120 (void) unhexify( obuf, ibuf );
121
122 return( obuf );
123}
124
125/**
Paul Bakker9dcc3222011-03-08 14:16:06 +0000126 * This function just returns data from rand().
Paul Bakker997bbd12011-03-13 15:45:42 +0000127 * Although predictable and often similar on multiple
128 * runs, this does not result in identical random on
129 * each run. So do not use this if the results of a
130 * test depend on the random data that is generated.
Paul Bakker9dcc3222011-03-08 14:16:06 +0000131 *
132 * rng_state shall be NULL.
133 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000134static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000135{
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200136#if !defined(__OpenBSD__)
Paul Bakkera3d195c2011-11-27 21:07:34 +0000137 size_t i;
138
Paul Bakker9dcc3222011-03-08 14:16:06 +0000139 if( rng_state != NULL )
140 rng_state = NULL;
141
Paul Bakkera3d195c2011-11-27 21:07:34 +0000142 for( i = 0; i < len; ++i )
143 output[i] = rand();
Paul Bakkerf96f7b62014-04-30 16:02:38 +0200144#else
145 if( rng_state != NULL )
146 rng_state = NULL;
147
148 arc4random_buf( output, len );
149#endif /* !OpenBSD */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000150
151 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000152}
153
154/**
155 * This function only returns zeros
156 *
157 * rng_state shall be NULL.
158 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000159static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000160{
161 if( rng_state != NULL )
162 rng_state = NULL;
163
Paul Bakkera3d195c2011-11-27 21:07:34 +0000164 memset( output, 0, len );
165
Paul Bakker9dcc3222011-03-08 14:16:06 +0000166 return( 0 );
167}
168
169typedef struct
170{
171 unsigned char *buf;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000172 size_t length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000173} rnd_buf_info;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000174
175/**
176 * This function returns random based on a buffer it receives.
177 *
Paul Bakker997bbd12011-03-13 15:45:42 +0000178 * rng_state shall be a pointer to a rnd_buf_info structure.
179 *
180 * The number of bytes released from the buffer on each call to
181 * the random function is specified by per_call. (Can be between
182 * 1 and 4)
Paul Bakker9dcc3222011-03-08 14:16:06 +0000183 *
184 * After the buffer is empty it will return rand();
185 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000186static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000187{
Paul Bakker997bbd12011-03-13 15:45:42 +0000188 rnd_buf_info *info = (rnd_buf_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000189 size_t use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000190
191 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000192 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000193
Paul Bakkera3d195c2011-11-27 21:07:34 +0000194 use_len = len;
195 if( len > info->length )
196 use_len = info->length;
Paul Bakker997bbd12011-03-13 15:45:42 +0000197
Paul Bakkera3d195c2011-11-27 21:07:34 +0000198 if( use_len )
Paul Bakker9dcc3222011-03-08 14:16:06 +0000199 {
Paul Bakkera3d195c2011-11-27 21:07:34 +0000200 memcpy( output, info->buf, use_len );
201 info->buf += use_len;
202 info->length -= use_len;
Paul Bakker9dcc3222011-03-08 14:16:06 +0000203 }
204
Paul Bakkera3d195c2011-11-27 21:07:34 +0000205 if( len - use_len > 0 )
206 return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
207
208 return( 0 );
Paul Bakker9dcc3222011-03-08 14:16:06 +0000209}
Paul Bakker997bbd12011-03-13 15:45:42 +0000210
211/**
212 * Info structure for the pseudo random function
213 *
214 * Key should be set at the start to a test-unique value.
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000215 * Do not forget endianness!
Paul Bakker997bbd12011-03-13 15:45:42 +0000216 * State( v0, v1 ) should be set to zero.
217 */
218typedef struct
219{
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000220 uint32_t key[16];
Paul Bakker997bbd12011-03-13 15:45:42 +0000221 uint32_t v0, v1;
222} rnd_pseudo_info;
223
224/**
225 * This function returns random based on a pseudo random function.
226 * This means the results should be identical on all systems.
227 * Pseudo random is based on the XTEA encryption algorithm to
228 * generate pseudorandom.
229 *
230 * rng_state shall be a pointer to a rnd_pseudo_info structure.
231 */
Paul Bakkera3d195c2011-11-27 21:07:34 +0000232static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
Paul Bakker997bbd12011-03-13 15:45:42 +0000233{
234 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000235 uint32_t i, *k, sum, delta=0x9E3779B9;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100236 unsigned char result[4], *out = output;
Paul Bakker997bbd12011-03-13 15:45:42 +0000237
238 if( rng_state == NULL )
Paul Bakkera3d195c2011-11-27 21:07:34 +0000239 return( rnd_std_rand( NULL, output, len ) );
Paul Bakker997bbd12011-03-13 15:45:42 +0000240
Paul Bakkerb3dcbc12011-03-13 16:57:25 +0000241 k = info->key;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000242
243 while( len > 0 )
Paul Bakker997bbd12011-03-13 15:45:42 +0000244 {
Paul Bakker40dd5302012-05-15 15:02:38 +0000245 size_t use_len = ( len > 4 ) ? 4 : len;
Paul Bakkera3d195c2011-11-27 21:07:34 +0000246 sum = 0;
247
Paul Bakkera3d195c2011-11-27 21:07:34 +0000248 for( i = 0; i < 32; i++ )
249 {
250 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
251 sum += delta;
252 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
253 }
254
Paul Bakker5c2364c2012-10-01 14:41:15 +0000255 PUT_UINT32_BE( info->v0, result, 0 );
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100256 memcpy( out, result, use_len );
Paul Bakkera3d195c2011-11-27 21:07:34 +0000257 len -= use_len;
Manuel Pégourié-Gonnard217a29c2014-01-03 11:59:09 +0100258 out += 4;
Paul Bakker997bbd12011-03-13 15:45:42 +0000259 }
260
Paul Bakkera3d195c2011-11-27 21:07:34 +0000261 return( 0 );
Paul Bakker997bbd12011-03-13 15:45:42 +0000262}